You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello,
We discovered that your package depends on one of the transitive dependent packages that is causing the critical severity in our AWS inspector.
We discovered this while utilizing the AWS Inspector Scan Vulnerabilities tool to find a vulnerability. The malicious package is called monorepo-symlink-test.
Transitive dependency on the concern package given below.
I discovered after doing some study that a package contains the name of the malicious package in their package.json file located under the node_module's rest->resolver->multirepo->package.json within the resolve library's resolve module.
In order to prevent us from receiving the security alert, would you kindly remove the undesirable name from that package or remove it entirely?
The text was updated successfully, but these errors were encountered:
Hello,
We discovered that your package depends on one of the transitive dependent packages that is causing the critical severity in our AWS inspector.
We discovered this while utilizing the AWS Inspector Scan Vulnerabilities tool to find a vulnerability. The malicious package is called monorepo-symlink-test.
Transitive dependency on the concern package given below.
email-templates@11.1.1
└─┬ @ladjs/consolidate@1.0.3
└─┬ pug@3.0.2
└─┬ pug-filters@4.0.0
└── resolve@1.22.8
I discovered after doing some study that a package contains the name of the malicious package in their package.json file located under the node_module's rest->resolver->multirepo->package.json within the resolve library's resolve module.
In order to prevent us from receiving the security alert, would you kindly remove the undesirable name from that package or remove it entirely?
The text was updated successfully, but these errors were encountered: